
Zero-Day Exploits Are No Longer An Issue For Apple Users

On Wednesday, Apple released 13 fixes for serious security bugs on macOS and 10 fixes for flaws on iOS/iPadOS. These include fixes for two zero-day bugs, one of which may have been used by attackers in the wild.


Why Zero-Day Exploits Are No Longer An Issue For Apple Users


The first zero-day was a memory corruption issue. Hackers exploited this vulnerability through a malicious application to execute arbitrary code with kernel privileges. The flaw is in IOMobileFramebuffer, a kernel extension that allows developers to control how device memory handles the on-screen display, in other words, the frame buffer. It affects iOS, iPadOS, and macOS Monterey. Apple has solved this problem with advanced login verification. Apple also said it was aware of a report indicating that it may have been actively exploited in the wild. The new updates are for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).


Apple also took care of the Safari bug, fixing the second zero-day. This second vulnerability was a widely publicized WebKit flaw. It is an information disclosure issue that affects browsers on macOS, iOS, and iPadOS. Researchers found out about this new error in the past weeks. It allows a tracking website to learn about other tabs the user may have open. The error is a violation of the same-origin policy in the IndexedDB API, a JavaScript API in web browsers that manages a NoSQL database of JSON objects. Apple has also corrected this error with advanced login verification.

Is This the End of Zero-Day Exploits For Apple Users?


Typically, a web browser allows scripts on one web page to access data on a second web page only if both pages have the same origin. Without this security policy, hackers who manage to place a malicious script on a website can freely access all the data in other tabs the victim has open in the browser. This includes access to online banking sessions, emails, health portal data, and other sensitive information.
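The same-origin rule described above, as an added example that is not from the original article or from Apple's or WebKit's code. `OriginScopedStore` is a hypothetical, simplified model of per-origin browser storage, and all URLs and database names are constructed sample values.

```javascript
// Added illustration: same-origin comparison and origin-scoped storage.
// OriginScopedStore is a hypothetical model, not a browser implementation.

// Return the serialized origin (scheme://host[:port]) or null if opaque.
function originOf(urlString) {
  let url;
  try {
    url = new URL(urlString);
  } catch (err) {
    return null; // unparseable input never matches anything
  }
  // Schemes such as data: serialize to the string "null" (opaque origin).
  return url.origin === "null" ? null : url.origin;
}

function sameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  // Opaque origins are never same-origin with anything, even themselves.
  return oa !== null && oa === ob;
}

class OriginScopedStore {
  constructor() { this.byOrigin = new Map(); }

  open(pageUrl, dbName) {
    const origin = originOf(pageUrl);
    if (origin === null) throw new Error("storage denied for opaque origin");
    if (!this.byOrigin.has(origin)) this.byOrigin.set(origin, new Set());
    this.byOrigin.get(origin).add(dbName);
  }

  // Enumeration is filtered by the caller's origin, so a page in one tab
  // learns nothing about databases created by a site in another tab.
  listDatabases(callerUrl) {
    const origin = originOf(callerUrl);
    if (origin === null) return [];
    return [...(this.byOrigin.get(origin) || [])].sort();
  }
}

// Constructed scenario: a banking tab and a tracking page share one browser.
function demo() {
  const store = new OriginScopedStore();
  store.open("https://bank.example/account", "session-cache");
  store.open("https://tracker.example/ad.html", "visitor-id");
  return {
    bank: store.listDatabases("https://bank.example:443/login"),
    tracker: store.listDatabases("https://tracker.example/other"),
  };
}
```

The default port is normalized away, so `https://bank.example` and `https://bank.example:443` compare equal, while a scheme or subdomain change produces a different origin.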


These two zero-days are among the most damaging vulnerabilities because they have the potential to provide remote code execution (RCE) on mobile devices. They are similar to those associated with Pegasus mobile spyware and nation-state espionage. Vulnerabilities of this sort are used by threat actors with malicious intent or by governments engaged in human rights violations. Unfortunately, we will almost certainly see similar vulnerabilities as the year progresses.


Because the majority of businesses use Apple products, they must exercise caution in their daily operations. They should provide the appropriate education to deter any harm that may result from their workers’ activities. A wonderful place to start is with our Awareness Educator. Through scheduling, the Awareness Educator module also allows you to construct long-term, proactive training and awareness programs. Throughout the year, we also provide resources such as tip sheets, posters, and screensavers to accompany the training topics. Click here to check out other materials we offer!
